Privacy Policy

Identity data (name, date of birth, nationality, government ID, selfie, proof of address), contact data (email, phone), financial data (bank account, wallet addresses, transaction history), device & technical data (IP address, browser, OS, device fingerprint), behavioural data (trading patterns, page interactions) and communications with our support team.

To create and operate your account; to verify identity (KYC/KYB) and screen against sanctions; to execute trades and process payments; to comply with legal, tax and regulatory obligations; to detect and prevent fraud, money laundering and market abuse; to personalise the Services; to deliver customer support; and to send service and marketing communications (which you can opt out of at any time).

We process personal data under the legal bases of contract performance, legal obligation, legitimate interests (security, fraud prevention, product improvement) and, where required, your consent.

We share data with identity-verification providers, blockchain analytics firms, banking partners, cloud-infrastructure providers, professional advisers, and law-enforcement or regulators when legally compelled. We never sell personal data.

Data may be transferred to countries outside your jurisdiction. We rely on Standard Contractual Clauses (SCCs), adequacy decisions, and supplementary safeguards as required.

We retain personal data for the life of your account and for a minimum of 5 years after closure to comply with AML record-keeping requirements; longer where legally required.

Subject to local law, you have the right to access, rectify, erase, restrict, port and object to processing of your data, and to lodge a complaint with a supervisory authority. To exercise rights, email privacy@gxtexchange.com.

We apply administrative, technical and physical safeguards including encryption in transit and at rest, role-based access controls, hardware-security modules, intrusion detection, and 24/7 security monitoring.

We use cookies and similar technologies for authentication, security, preferences and analytics. See our Cookie Policy.

The Services are not directed at persons under 18. We do not knowingly collect data from minors.

We may update this Policy. Material changes will be notified by email or in-app banner.

Data Protection Officer: dpo@gxtexchange.com.